Home page logo

securecoding logo Secure Coding mailing list archives

Information Security Mag: Vendor Control and Software Security
From: Gary McGraw <gem () cigital com>
Date: Tue, 5 Feb 2013 20:12:20 -0500

hi sc-l,

My monthly column [in]security is sometimes published as part of Information Security Magazine.  That's what happened 
with this column I wrote way back in December. It is appearing in the Feb/Mar issue of ISM.

And here it is on the intarwebs.  This article suggests combining at least two measurements: 1) process measurement 
with vBSIMM and 2) application measurement with binary, static, or hybrid analysis.  This article begins to explain to 
the general security practitioner (think network security person) how that all works:


Please read this and pass it on.  I am interested in hearing your thoughts.


company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com

Secure Coding mailing list (SC-L) SC-L () securecoding org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates

  By Date           By Thread  

Current thread:
  • Information Security Mag: Vendor Control and Software Security Gary McGraw (Feb 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]